CVE-2019-14682

The acf-better-search (aka ACF: Better Search) plugin before 3.3.1 for WordPress allows wp-admin/options-general.php?page=acfbs_admin_page CSRF.

Published : 2019-08-08 20:15 Updated : 2019-08-22 16:02

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Acf%3a Better Search Project Acf%3a Better Search - cpe:/a:acf%3a_better_search_project:acf%3a_better_search:-::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 1.0.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:1.0.0::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.0::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.1 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.1::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.2 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.2::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.3 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.3::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.4 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.4::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.5 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.5::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.6 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.6::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.0.7 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.0.7::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.1.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.1.0::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.1.1 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.1.1::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.1.2 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.1.2::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.1.3 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.1.3::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 2.2.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:2.2.0::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.0.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.0.0::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.0.1 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.0.1::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.1.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.1.0::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.1.1 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.1.1::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.1.2 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.1.2::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.1.3 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.1.3::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.2.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.2.0::~~~wordpress~~
Acf%3a Better Search Project Acf%3a Better Search 3.3.0 cpe:/a:acf%3a_better_search_project:acf%3a_better_search:3.3.0::~~~wordpress~~
  1. Acf%3a Better Search Project (1) Search CVE
    1. Acf%3a Better Search (23) Search CVE
      1. -
      2. 1.0.0
      3. 2.0.0
      4. 2.0.1
      5. 2.0.2
      6. 2.0.3
      7. 2.0.4
      8. 2.0.5
      9. 2.0.6
      10. 2.0.7
      11. 2.1.0
      12. 2.1.1
      13. 2.1.2
      14. 2.1.3
      15. 2.2.0
      16. 3.0.0
      17. 3.0.1
      18. 3.1.0
      19. 3.1.1
      20. 3.1.2
      21. 3.1.3
      22. 3.2.0
      23. 3.3.0

CWE

ID Name Description Links
CWE-352 Cross-Site Request Forgery (CSRF) The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. CVE

History of changes

Date Event
2019-08-22 16:02
2019-08-21 23:15
2019-08-13 20:56
2019-08-08 20:15

New CVE